Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-1945

Overview

Vulnerability Score 4.9 4.9
CVE Id CVE-2008-1945
Last Modified 21 Aug 2010 01:19:47
Published 08 Aug 2008 03:41:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2008-1945

Summary

QEMU 0.9.0 does not properly handle changes to removable media, which allows guest OS users to read arbitrary files on the host OS by using the diskformat: parameter in the -usbdevice option to modify the disk-image header to identify a different format, a related issue to CVE-2008-2004.

Vulnerable Systems

Application

  • Mandriva Qemu 0.9.0


References

REDHAT - RHSA-2008:0892

XF - qemu-image-security-bypass(44269)

UBUNTU - USN-776-1

SECTRACK - 1020959

BID - 30604

MANDRIVA - MDVSA-2008:162

DEBIAN - DSA-1799

SECUNIA - 35062

SECUNIA - 35031

SECUNIA - 34642

SECUNIA - 32088

SECUNIA - 32063

SUSE - SUSE-SR:2009:008


Last Updated: 27 May 2016 10:47:42